315 matches found
Design/Logic Flaw
Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by...
CVE-2019-5629
Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by...
The vulnerability of the syntax analysis procedure for Python interpreter certificates allows attackers to trigger a service failure.
The vulnerability of the syntax analysis procedure for Python interpreter certificates is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...
Important: Red Hat Security Advisory: python3 security update
An update for python3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
RHEL 8 : python3 (RHSA-2019:0997)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0997 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
Apache OpenOffice Remote Code Execution Vulnerability (Feb 2019) - Mac OS X
Apache OpenOffice Writer is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
ReconDog v2.0 - Reconnaissance Swiss Army Knife
Reconnaissance Swiss Army Knife Main Features Wizard + CLA interface Can extracts targets from STDIN piped input and act upon them All the information is extracted with APIs, no direct contact is made to the target Utilities Censys: Uses censys.io to gather massive amount of information about an ...
Security update for python (moderate)
This update for python fixes the following issues: Security issues fixed: - CVE-2017-1000158: Fixed integer overflows in PyStringDecodeEscape that could have resulted in heap-based buffer overflow attacks and possible arbitrary code execution bsc1068664. - CVE-2018-1000030: Fixed crash inside the...
openSUSE Security Update : python (openSUSE-2018-511)
This update for python fixes the following issues : Security issues fixed : - CVE-2017-1000158: Fixed integer overflows in PyStringDecodeEscape that could have resulted in heap-based buffer overflow attacks and possible arbitrary code execution bsc1068664. - CVE-2018-1000030: Fixed crash inside t...
SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2018:1372-1)
This update for python fixes the following issues: Security issues fixed : - CVE-2017-1000158: Fixed integer overflows in PyStringDecodeEscape that could have resulted in heap-based buffer overflow attacks and possible arbitrary code execution bsc1068664. - CVE-2018-1000030: Fixed crash inside th...
UBUNTU-CVE-2016-5636
Integer overflow in the getdata function in zipimport.c in CPython aka Python before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow...
Firmware Analysis Tool: Binwalk
Binwalk is a fast, easy to use tool for analyzing and extracting firmware images Firmware Analysis Tool Binwalk is: Fast Flexible Extendable Easy to use Binwalk can: Find and extract interesting files / data from binary images Find and extract raw compression streams Identify opcodes for a variet...
The vulnerability of the NX-OS network operating system allows a hacker to gain root user privileges.
The vulnerability of the NX-OS network operating system is related to deficiencies in access control for certain functions. Exploiting this vulnerability could allow a malicious actor, operating locally, to gain root user privileges by sending a specific set of commands to the Python interpreter...
[SECURITY] Fedora 23 Update: ipython-3.2.1-3.fc23
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
[SECURITY] Fedora 21 Update: ipython-2.4.1-8.fc21
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
[SECURITY] Fedora 22 Update: ipython-2.4.1-7.fc22
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
CVE-2015-4234
Cisco NX-OS 6.02 and 6.22 on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127...
Input validation
Cisco NX-OS 6.02 and 6.22 on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127...
CVE-2015-4234
Cisco NX-OS 6.02 and 6.22 on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127...
CVE-2015-4231
Cisco NX-OS 6.2(8a) on Nexus 7000 devices is affected by CVE-2015-4231 due to incomplete privilege separation in the Python scripting engine across multiple VDCs. An authenticated local attacker with administrative privileges in one VDC can bypass access restrictions and delete files owned by a d...